anonfunc/xtables-addons
1
0
Fork 0
mirror of git://git.code.sf.net/p/xtables-addons/xtables-addons synced 2025-09-07 05:05:12 +02:00
Code Issues Releases Wiki Activity
756 Commits 5 Branches 85 Tags
7ee9feb20e7e665ab28c1da6550ca4647a550e5e
Commit Graph

756 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Jan Engelhardt
1fed8bbf09 extensions: more precise description 2011-07-17 14:27:07 +02:00
Jan Engelhardt
6e8fb7f231 Xtables-addons 1.37 v1.37 2011-06-25 00:57:02 +02:00
Jan Engelhardt
eceaee3431 doc: do not advertise old tools 
Remove mention of netcat from the libxt_SYSRQ manpage.
 2011-06-25 00:05:26 +02:00
John Haxby
77b29a62ee xt_SYSRQ: include host address in digest 
The xt_SYSRQ hash now includes the destination IPv4 or IPv6 address
which makes it harder to replay a request to many different machines
in the hope that some of them are using the same password.
 2011-06-25 00:03:28 +02:00
John Haxby
33db992c39 xt_SYSRQ: make IPv6 trigger work again 
IPv6 sysrq never worked because of bad pointer arithmetic.
 2011-06-24 23:42:38 +02:00
Martin Barrowcliff
85d8f98dd7 xt_TARPIT: fix a kernel oops in --reset mode 
1. Moved misplaced code that was causing kernel oops in reset mode.

2. Added payload size calc to honeypot mode, so ack sequence may ACK
the length of client's sent payload packets correctly.

3. Modified TTL for honeypot mode so we look more like a Windows
machine.
 2011-06-24 22:09:34 +02:00
Peter Volkov
e84391ce66 build: use absolute path for M= 
Use absolute path for M during checking kernelrelease. This will force
temporary objects be built in the current directory and not $kbuilddir
as it happened, e.g. in the current kernel scripts/Kbuild.include
try-run target (it is called with TMPOUT=M=. and during call
pwd=$kbuilddir). This should fix sandbox violation in Gentoo:
https://bugs.gentoo.org/show_bug.cgi?id=371997
 2011-06-20 10:48:10 +02:00
Peter Volkov
ef7fb0db7f build: fix support for 2.6.x kernels 
After commit 75b3762ef4 "WARNING: That
kernel version is not supported." is issued to supported kernels too.
Fix this.
 2011-06-20 09:14:51 +02:00
Jan Engelhardt
4203259e5a Xtables-addons 1.36 v1.36 2011-06-03 16:45:29 +02:00
Jan Engelhardt
e3956498ac doc: remove stray "userspace" wording 2011-06-01 01:44:54 +02:00
Jan Engelhardt
6f730f3ab2 xt_TARPIT: unlock for use with all tables 2011-06-01 01:37:05 +02:00
Jan Engelhardt
2b590a35fd Merge branch 'ipset-6' 2011-05-31 23:05:40 +02:00
Jan Engelhardt
3dd33dfe93 doc: move iptaccount(8) option overview to its own manpage 2011-05-31 23:05:31 +02:00
Jan Engelhardt
d417077816 doc: fix \(em in ipv4options 2011-05-31 23:00:35 +02:00
Jan Engelhardt
d057f6d6f0 doc: replace NOTRACK by CT-notrack 2011-05-31 22:58:34 +02:00
Jan Engelhardt
b2fc85c589 ipset: update to 6.7-genl 2011-05-31 22:54:49 +02:00
Martin Barrow Cliff
fa1348455d xt_TARPIT: honeypot and reset modes 
Honeypot mode attempts to maintain a normal connection for the purpose
of capturing payload packets.

Reset mode provides the ability to send a reset packet in lieu of
using the DROP or REJECT targets.
 2011-05-31 22:41:51 +02:00
Jan Engelhardt
1a5c079e6b Merge branch 'ipset-6' 2011-05-31 16:56:26 +02:00
Jan Engelhardt
75b3762ef4 build: support for Linux up to 3.0 2011-05-31 16:56:23 +02:00
Jan Engelhardt
cfb72bf468 ipset: update to 6.6a-genl 2011-05-31 16:14:44 +02:00
Jan Engelhardt
1b0790d151 ipset-6: move manpage into src/ 2011-05-31 16:09:03 +02:00
Changli Gao
a5355e74ea xt_geoip: avoid recursive function calls 
The stack memory is very limited in Linux kernel.

Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
 2011-04-14 09:07:25 +02:00
Jan Engelhardt
757bf0e993 Xtables-addons 1.35 
Trim the changelog to only reveal changes relevant to the end user.
v1.35 		2011-04-11 18:37:32 +02:00
Jan Engelhardt
cea4817a46 Merge branch 'ipset-6' 
Conflicts:
	INSTALL
	mconfig
 2011-04-11 04:23:18 +02:00
Jan Engelhardt
2dc79fe008 ipset; update to ipset-6.3 (genl) 
* Handle EAGAIN from autoloading code.
* Turn one nfgenmsg site into genlmsg to avoid protocol mismatch
 2011-04-11 04:11:30 +02:00
Jan Engelhardt
b60f8f1de2 Xtables-addons 1.34 v1.34 2011-04-07 15:15:39 +02:00
Jan Engelhardt
499c6db75e ipset: update to ipset-6.2 2011-04-04 00:39:50 +02:00
Jan Engelhardt
509953daec build: notify of unsupported Linux kernel versions 2011-04-04 00:18:54 +02:00
Jan Engelhardt
c53a86874d build: notify of unsupported Linux kernel versions 
I would like to move forward a bit, and today, two issues prompted
me to start removing old code:

* make 3.82 does not like mixing normal rules with implicit rules,
  which rejects Makefiles of Linux kernels before 2.6.34.

* xt_DNETMAP uses functionality not available before 2.6.29.
 2011-04-04 00:10:23 +02:00
Jan Engelhardt
309b960012 Merge branch 'dnetmap' 2011-04-03 23:59:18 +02:00
Marek Kierdelewicz
f4882ca029 xt_DNETMAP: support for kernels below 2.6.34 2011-04-03 23:50:10 +02:00
Jan Engelhardt
8fd3eb56eb xt_DNETMAP: add missing alias 2011-04-03 23:49:53 +02:00
Jan Engelhardt
94574fb829 Merge branch 'pknock' 
Kernel warnings and oopses resulting from the inversion (HEAD^2)
reported by user mancha (mancha!debian-tor@gateway/tor-sasl/mancha) on
irc.freenode.net/#netfilter.
 2011-02-28 20:51:25 +01:00
Jan Engelhardt
32871bad39 xt_pknock: avoid inversion of rule lookup that led to warnings 
Commit v1.18-48-g58839b9 had this screwed up.
 2011-02-25 01:22:16 +01:00
Jan Engelhardt
0ba44bd461 xt_pknock: avoid crash when hash TFM could not be allocated 2011-02-25 01:22:16 +01:00
Jan Engelhardt
d4e6e3d155 xt_pknock: indent 2011-02-25 01:20:12 +01:00
Jan Engelhardt
18043f3e3a ipset: update to 6.0 2011-02-24 00:40:23 +01:00
Jan Engelhardt
ff27f61477 ipset: rename ipset-5 directory to ipset-6 2011-02-24 00:02:18 +01:00
Jan Engelhardt
9f59f21614 Xtables-addons 1.33 v1.33 2011-02-02 05:21:56 +01:00
Jan Engelhardt
7a8bfed52c xt_geoip: keep compiling for <= 2.6.23 2011-02-02 05:21:56 +01:00
Jan Engelhardt
1edc9b943b build: do not forget including path for compat_user.h 2011-02-02 05:15:09 +01:00
Jan Engelhardt
ebfa77795a build: preliminary support for iptables 1.4.11 2011-02-02 05:09:58 +01:00
Jan Engelhardt
4a8aa505c4 build: support for Linux up to 2.6.38 
No API changes that needed to be taken care of, so just bump the
version check in configure.ac.
 2011-02-02 04:59:58 +01:00
Jan Engelhardt
4654ee127f xt_DNETMAP: disable by default for now 
I wanted xt_DNETMAP to be included in the release already, though
because it only compiled with Linux >= 2.6.34 currently (some work
will be needed), deactive it by default.
 2011-02-02 04:55:34 +01:00
Jan Engelhardt
a7a77d7146 Merge branch 'dnetmap' 2011-02-02 04:54:25 +01:00
Jan Engelhardt
2a61ca7d4b build: fix missing inclusion of dependency rules 2011-02-02 04:53:30 +01:00
Jan Engelhardt
39de351a91 libxt_geoip: update manual page with new tool syntax 2011-02-02 04:51:38 +01:00
Jan Engelhardt
07bf41a294 Merge branch 'geoip' 2011-02-02 04:48:40 +01:00
Jan Engelhardt
07cd29d9ce xt_geoip: IPv6 support 2011-02-02 04:47:28 +01:00
Jan Engelhardt
eb9634aee6 xt_geoip: v4/v6 name preparations 2011-02-02 04:43:36 +01:00